• Category: Linux/Kernel
  • Status: confirmed
  • Sources: LWN Weekly Edition 2026-06-11, LWN Articles/1075806
  • Summary: The LWN Weekly Edition for 2026-06-11 covers a proposal to remove splice() and vmsplice() from the kernel, motivated by a surge of security vulnerabilities in these system calls being discovered by LLM-based automated security scanning tools. Both calls have a long history of exploitable bugs. Separately, kernel developers are actively removing old networking code (ax25, ATM, ISDN, and selected PCI drivers) as an alternative to managing the increasing volume of LLM-generated CVE reports. Alexei Starovoitov presented at the 2026 BPF Summit on how BPF tooling could be redesigned to avoid being misused by coding agents, with follow-on discussion on problems practitioners are encountering when using bpftrace with LLM agents.
  • Why it matters: The LLM-generated bug-report flood is beginning to influence kernel architecture decisions, including potential removal of two system calls used by zero-copy I/O workloads; applications relying on splice() or vmsplice() should track this discussion.

Send feedback on this story